Providing substitute domain information in a virtual private network

ABSTRACT

A method in a virtual private network (VPN) environment, the method including receiving, at a user device, domain information associated with a VPN service provider; transmitting, by the user device, a first connection request to the VPN service provider based at least in part on utilizing the domain information; determining, by the user device, that the VPN service provider cannot be reached via utilization of the domain information; determining, by the user device based at least in part on determining that the VPN service provider cannot be reached, substitute domain information to be utilized for transmitting a second connection request; and transmitting, by the user device, the second connection request to the VPN service provider based at least in part on utilizing the substitute domain information is disclosed. Various other aspects are contemplated.

CROSS REFERENCE

This application is a continuation of U.S. Non-Provisional patentapplication Ser. No. 17/516,652, filed on Nov. 1, 2021, and titled“Providing Substitute Domain Information In A Virtual Private Network,”which is a continuation of U.S. Non-Provisional patent application Ser.No. 17/516,612, filed on Nov. 1, 2021, and titled “Providing SubstituteDomain Information In A Virtual Private Network,” the entire contents ofwhich applications are incorporated herein by reference.

FIELD OF DISCLOSURE

Aspects of the present disclosure generally relate to a virtual privatenetwork (VPN), and more particularly to providing substitute domaininformation in a VPN.

BACKGROUND

Global Internet users increasingly rely on VPN services to preservetheir privacy, to circumvent censorship, and/or to access geo-filteredcontent. Originally developed as a technology to privately send andreceive data across public networks, VPNs are now used broadly as aprivacy-preserving technology that allows Internet users to obscure notonly the communicated data but also personal information such as, forexample, web browsing history from third parties including Internetservice providers (ISPs), Spywares, or the like. A VPN service providermay offer a secure private networking environment within a publiclyshared, insecure infrastructure through encapsulation and encryption ofthe data communicated between a VPN client application (or VPNapplication) installed on a user device and a remote VPN server.

Most VPN providers rely on a tunneling protocol to create the secureprivate networking environment, which adds a layer of security toprotect each IP packet of the communicated data during communicationover the Internet. Tunneling may be associated with enclosing an entireIP packet within an outer IP packet to form an encapsulated IP packet,and transporting the enclosed IP packet over the Internet. The outer IPpacket may protect contents of the enclosed IP packet from public viewby ensuring that the enclosed IP packet is transmitted over the Internetwithin a virtual tunnel. Such a virtual tunnel may be a point-to-pointtunnel established between the user device and the VPN server. Theprocess of enclosing the entire IP packet within the outer IP packet maybe referred to as encapsulation. Computers, servers, or other networkdevices at ends of the virtual tunnel may be referred to as tunnelinterfaces and may be capable of encapsulating outgoing IP packets andof unwrapping incoming encapsulated IP packets.

Encryption may be associated with changing the data from being in atransparently readable format to being in an encrypted, unreadableformat with help of an encryption algorithm. Decryption may beassociated with changing the data from being in the encrypted,unreadable format to being in the transparently readable format withhelp of a decryption algorithm. In an example, encrypted data may bedecrypted with only a correct decryption key. In a VPN, encryption mayrender the communicated data unreadable or indecipherable to any thirdparty. At a basic level, when the user launches the installed VPNapplication and connects to the VPN server, the VPN application mayencrypt all contents of the data before transmission over the Internetto the VPN server. Upon receipt, the VPN server may decrypt theencrypted data and forward the decrypted data to an intended target viathe Internet. Similarly, the VPN server may encrypt all contents of thedata before transmission over the Internet to the user device. Uponreceipt, the VPN application on the user device may decrypt theencrypted data and provide the decrypted data to the user.

VPNs generally use different types of encryption and decryptionalgorithms to encrypt and decrypt the communicated data. Symmetricencryption may utilize encryption and decryption algorithms that rely ona single private key for encryption and decryption of data. Symmetricencryption is considered to be relatively speedy. One example of anencryption and decryption algorithm utilized by symmetric encryption maybe an AES encryption cipher. Asymmetric encryption, on the other hand,may utilize encryption and decryption algorithms that rely on twoseparate but mathematically-related keys for encryption and decryptionof data. In one example, data encrypted using a public key may bedecrypted using a separate but mathematically-related private key. Thepublic key may be publicly available through a directory, while theprivate key may remain confidential and accessible by only an owner ofthe private key. Asymmetric encryption may also be referred to as publickey cryptography. One example of an encryption and decryption algorithmutilized by asymmetric encryption may be Rivest-Shamir-Adleman (RSA)protocol.

In a VPN, keys for encryption and decryption may be randomly generatedstrings of bits. Each key may be generated to be unique. A length of anencryption key may be given by a number of the randomly generated bits,and, when using a given encryption algorithm, the longer the length ofthe encryption key, the stronger is the encryption.

VPNs may employ user authentication, which may involve verification ofcredentials required to confirm authenticity/identity of the user. Forinstance, when a user launches the VPN application to request a VPNconnection, the VPN service provider may authenticate the user deviceprior to providing the user device with access to VPN services. In thisway, user authentication may provide a form of access control.Typically, user authentication may include verification of a uniquecombination of a user ID and password. To provide improved security inthe VPN, user authentication may include additional factors such asknowledge, possession, inheritance, or the like. Knowledge factors mayinclude items (e.g., pin numbers) that an authentic user may be expectedto know. Possession factors may include items (e.g., a token provider toprovide one-time password (OTP) tokens) that an authentic user may beexpected to possess at a time associated with the authentication.Inherent factors may include biometric items (e.g., fingerprint scans,retina scans, iris scans, or the like) that may be inherent traits of anauthentic user.

A VPN may be associated with a network of VPN servers, typicallydeployed in various geographic locations. A VPN server may be a physicalserver or a virtual server configured to host and/or globally deliverVPN services to the user. A server may be a combination of hardware andsoftware, and may include logical and physical communication ports. Whenlaunched, the VPN application may connect with a selected VPN server forsecure communication of data via the virtual tunnel.

The VPN application, installed on the user device, may utilizesoftware-based technology to establish a secure connection between theuser device and a VPN server. Some VPN applications may automaticallywork in the background on the user device while other VPN applicationsmay include front-end interfaces to allow the user to interact with andconfigure the VPN applications. VPN applications may often be installedon a computer (e.g., user device), though some entities may provide apurpose-built VPN application as a hardware device that is pre-installedwith software to enable the VPN. Typically, a VPN application mayutilize one or more VPN protocols to encrypt and decrypt thecommunicated data. Some commonly used VPN protocols may include OpenVPN,SSTP, PPTP, L2TP/IPsec, SSL/TLS, Wireguard, IKEv2, and SoftEther.

SUMMARY

In one aspect, the present disclosure contemplates a method forproviding substitute domain information in a VPN, the method includingreceiving, at a processor associated with a device, domain informationassociated with a VPN service provider; determining, by the processor,substitute domain information based at least in part on determining thatthe VPN service provider is unreachable via utilization of the domaininformation, the determining the substitute domain information beingbased at least in part on utilizing a time marker and a string ofalphanumeric characters associated with the VPN service provider; andtransmitting, by the processor, a connection request to reach the VPNservice provider by utilizing the substitute domain information.

In another aspect, the present disclosure contemplates a deviceassociated with a VPN, the device including a memory and a processorconfigured to: receive domain information associated with a VPN serviceprovider; determine substitute domain information based at least in parton determining that the VPN service provider is unreachable viautilization of the domain information, the substitute domain informationbeing determined based at least in part on utilizing a time marker and astring of alphanumeric characters associated with the VPN serviceprovider; and transmit a connection request to reach the VPN serviceprovider by utilizing the substitute domain information.

In another aspect, the present disclosure contemplates a non-transitorycomputer readable medium storing instructions, which when executed by aprocessor cause the processor to: receive domain information associatedwith a VPN service provider; determine substitute domain informationbased at least in part on determining that the VPN service provider isunreachable via utilization of the domain information, the substitutedomain information being determined based at least in part on utilizinga time marker and a string of alphanumeric characters associated withthe VPN service provider; and transmit a connection request to reach theVPN service provider by utilizing the substitute domain information.

It is to be understood that both the foregoing general description andthe following detailed description are exemplary and explanatory innature and are intended to provide an understanding of the presentdisclosure without limiting the scope thereof. In that regard,additional aspects, features, and advantages of the present disclosurewill be apparent to one skilled in the art from the following detaileddescription.

BRIEF DESCRIPTION OF THE DRAWINGS

The accompanying drawings illustrate aspects of systems, devices,methods, and/or mediums disclosed herein and together with thedescription, serve to explain the principles of the present disclosure.Throughout this description, like elements, in whatever aspectdescribed, refer to common elements wherever referred to and referencedby the same reference number. The characteristics, attributes,functions, interrelations ascribed to a particular element in onelocation apply to those elements when referred to by the same referencenumber in another location unless specifically stated otherwise.

The figures referenced below are drawn for ease of explanation of thebasic teachings of the present disclosure; the extensions of the figureswith respect to number, position, relationship, and dimensions of theparts to form the following aspects may be explained or may be withinthe skill of the art after the following description has been read andunderstood. Further, exact dimensions and dimensional proportions toconform to specific force, weight, strength, and similar requirementswill likewise be within the skill of the art after the followingdescription has been read and understood.

The following is a brief description of each figure used to describe thepresent disclosure, and thus, is being presented for illustrativepurposes only and should not be limitative of the scope of the presentdisclosure.

FIG. 1 is an illustration of an example system associated with providingsubstitute domain information in a VPN, according to various aspects ofthe present disclosure.

FIG. 2 is an illustration of an example flow associated with providingsubstitute domain information in a VPN, according to various aspects ofthe present disclosure.

FIG. 3 is an illustration of an example process associated withproviding substitute domain information in a VPN, according to variousaspects of the present disclosure.

FIG. 4 is an illustration of an example process associated withproviding substitute domain information in a VPN, according to variousaspects of the present disclosure.

FIG. 5 is an illustration of an example process associated withproviding substitute domain information in a VPN, according to variousaspects of the present disclosure.

FIG. 6 is an illustration of example devices associated with providingsubstitute domain information in a VPN, according to various aspects ofthe present disclosure.

DETAILED DESCRIPTION

For the purposes of promoting an understanding of the principles of thepresent disclosure, reference will now be made to the aspectsillustrated in the drawings, and specific language may be used todescribe the same. It will nevertheless be understood that no limitationof the scope of the disclosure is intended. Any alterations and furthermodifications to the described devices, instruments, methods, and anyfurther application of the principles of the present disclosure arefully contemplated as would normally occur to one skilled in the art towhich the disclosure relates. In particular, it is fully contemplatedthat the features, components, and/or steps described with respect toone aspect may be combined with the features, components, and/or stepsdescribed with respect to other aspects of the present disclosure. Forthe sake of brevity, however, the numerous iterations of thesecombinations may not be described separately. For simplicity, in someinstances the same reference numbers are used throughout the drawings torefer to the same or like parts.

FIG. 1 is an illustration of an example system 100 associated withproviding substitute domain information in a VPN, according to variousaspects of the present disclosure. Example 100 shows an architecturaldepiction of components included in system 100. In some aspects, thecomponents may include a user device 102 capable of communicating withone or more VPN servers 120 and with a VPN service provider (VSP)control infrastructure 104 over a network 122. The VSP controlinfrastructure 104 may be controlled by a VPN service provider and mayinclude an application programming interface (API) 106, a user database108, processing unit 110, a server database 112, and the one or more VPNservers 120. In some aspects, the user device 102 may utilize aprocessing unit 116 and/or a client application 114, which is providedby the VSP control infrastructure 104, to communicate with the API 106.The API 106 may be capable of communicating with the user database 108and with the processing unit 110. Additionally, the processing unit 110may be capable of communicating with the server database 112, which maybe capable of communicating with a testing module (not shown). Thetesting module may be capable of communicating with the one or more VPNservers 120 over the network 122. The processing unit 110 may be capableof controlling operation of the one or more VPN servers 120.

The user device 102 may be a physical computing device capable ofhosting a VPN application and of connecting to the network 122. The userdevice 102 may be, for example, a laptop, a mobile phone, a tabletcomputer, a desktop computer, a smart device, a router, or the like. Insome aspects, the user device 102 may include, for example,Internet-of-Things (IoT) devices such as VSP smart home appliances,smart home security systems, autonomous vehicles, smart health monitors,smart factory equipment, wireless inventory trackers, biometric cybersecurity scanners, or the like. The network 122 may be any digitaltelecommunication network that permits several nodes to share and accessresources. In some aspects, the network 122 may include one or more of,for example, a local-area network (LAN), a wide-area network (WAN), acampus-area network (CAN), a metropolitan-area network (MAN), ahome-area network (HAN), Internet, Intranet, Extranet, and Internetwork.

The VSP control infrastructure 104 may include a combination of hardwareand software components that enable provision of VPN services to theuser device 102. The VSP control infrastructure 104 may interface with(the VPN application on) the user device 102 via the API 106, which mayinclude one or more endpoints to a defined request-response messagesystem. In some aspects, the API 106 may be configured to receive, viathe network 122, a connection request from the user device 102 toestablish a VPN connection with a VPN server 120. The connection requestmay include an authentication request to authenticate the user device102 and/or a request for an IP address of an optimal VPN server forestablishment of the VPN connection therewith. In some aspects, anoptimal VPN server may be a single VPN server 120 or a combination ofone or more VPN servers 120. The API 106 may receive the authenticationrequest and the request for an IP address of an optimal VPN server in asingle connection request. In some aspects, the API 106 may receive theauthentication request and the request for an IP address of an optimalVPN server in separate connection requests.

The API 106 may further be configured to handle the connection requestby mediating the authentication request. For instance, the API 106 mayreceive from the user device 102 credentials including, for example, aunique combination of a user ID and password for purposes ofauthenticating the user device 102. In another example, the credentialsmay include a unique validation code known to an authentic user. The API106 may provide the received credentials to the user database 108 forverification.

The user database 108 may include a structured repository of validcredentials belonging to authentic users. In one example, the structuredrepository may include one or more tables containing valid uniquecombinations of user IDs and passwords belonging to authentic users. Inanother example, the structured repository may include one or moretables containing valid unique validation codes associated withauthentic users. The VPN service provider may add or delete such validunique combinations of user IDs and passwords from the structuredrepository at any time. Based at least in part on receiving thecredentials from the API 106, the user database 108 and a processor(e.g., the processing unit 110 or another local or remote processor) mayverify the received credentials by matching the received credentialswith the valid credentials stored in the structured repository. In someaspects, the user database 108 and the processor may authenticate theuser device 102 when the received credentials match at least one of thevalid credentials. In this case, the VPN service provider may provideVPN services to the user device 102. When the received credentials failto match at least one of the valid credentials, the user database 108and the processor may fail to authenticate the user device 102. In thiscase, the VPN service provider may decline to provide VPN services tothe user device 102.

When the user device 102 is authenticated, the user device 102 mayinitiate a VPN connection and may transmit to the API 106 a request foran IP address of an optimal VPN server. The processing unit 110 includedin the VSP control infrastructure may be configured todetermine/identify a single VPN server 120 as the optimal server or alist of VPN servers. The processing unit 110 may utilize the API 106 totransmit the IP address of the optimal server or IP addresses of the VPNservers 120 included in the list to the user device 102. In the casewhere the list of IP addresses of the VPN servers 120 is provided, theuser device 102 may have an option to select a single VPN server 120from among the listed VPN servers as the optimal server 120. The userdevice 102 may transmit an initiation request to establish a VPNconnection (e.g., an encrypted tunnel) with the optimal VPN server. Insome aspects, the optimal VPN server with which the user deviceestablishes the encrypted tunnel may be referred to as a primary VPNserver or an entry VPN server. In some aspects, a VPN server 120 may bea piece of physical or virtual computer hardware and/or software capableof securely communicating with (the VPN application on) the user device102 for provision of VPN services.

The processing unit 110 may be a logical unit including a scoringengine. The processing unit 110 may include a logical componentconfigured to perform complex operations to compute numerical weightsrelated to various factors associated with the VPN servers 120. Thescoring engine may likewise include a logical component configured toperform arithmetical and logical operations to compute a server penaltyscore for one or more of the VPN servers 120.

In some aspects, based at least in part on server penalty scorescalculated via the complex operations and/or the arithmetical andlogical operations, the processing unit 110 may determine an optimal VPNserver. In one example, the processing unit 110 may determine the VPNserver 120 with the lowest server penalty score as the optimal VPNserver. In another example, the processing unit 110 may determine thelist of optimal VPN servers by including, for example, three (or anyother number) VPN servers 120 with the three lowest server penaltyscores.

One or more components (e.g., API 106, user database 108, processingunit 110, and/or server database 112) included in the VSP controlinfrastructure 104 and/or included in the user device 102 may further beassociated with a controller/processor, a memory, a communicationinterface, or a combination thereof (e.g., FIG. 7 ). For instance, theone or more components of the set of components may include or may beincluded in a controller/processor, a memory, or a combination thereof.In some aspects, the one or more of the components included in the VSPcontrol infrastructure 104 and/or the user device 102 may be separateand distinct from each other. Alternatively, in some aspects, one ormore of the components included in the VSP control infrastructure 104and/or the user device 102 may be combined with one or more of othercomponents included in the VSP control infrastructure 104. In someaspects, the one or more of the components included in the VSP controlinfrastructure 104 and/or the user device 102 may be local with respectto each other. Alternatively, in some aspects, one or more of thecomponents included in the VSP control infrastructure 104 and/or theuser device 102 may be located remotely with respect to one or more ofother components included in the VSP control infrastructure 104 and/orthe user device 102. Additionally, or alternatively, one or morecomponents of the components included in the VSP control infrastructure104 and/or the user device 102 may be implemented at least in part assoftware stored in a memory. For example, a component (or a portion of acomponent) may be implemented as instructions or code stored in anon-transitory computer-readable medium and executable by a controlleror a processor to perform the functions or operations of the component.Additionally, or alternatively, a set of (one or more) components shownin FIG. 1 may be configured to perform one or more functions describedas being performed by another set of components shown in FIG. 1 .

As indicated above, FIG. 1 is provided as an example. Other examples maydiffer from what is described with regard to FIG. 1 .

A user device may request VPN services from a VSP controlinfrastructure. To request the VPN services, the user device maytransmit, via a client application installed on the user device, aconnection request to an API associated with the VSP controlinfrastructure. The client application may utilize a domain nameservices (DNS) server to resolve domain information associated with theVSP control infrastructure provided by the user device and to determinean Internet protocol (IP) address associated with the API. Based ondetermining the IP address, the client application may route theconnection request to the API. The API may process the connectionrequest and enable the user device to obtain the VPN services.

In some cases, the API associated with the VSP control infrastructuremay fail to receive the request transmitted by the client application.In other words, the request may fail to reach the API. For instance, theDNS server may be associated with an Internet Service Provider (ISP)providing network services to the user device, and the ISP may haveblocked access to APIs associated with the VSP control infrastructure.In an example, the ISP may recognize that the domain information isassociated with the VSP control infrastructure and may block (e.g.,disable) access to APIs associated with the VSP control infrastructureby disallowing data (e.g., a connection request) to be transmitted to IPaddresses associated with the VSP control infrastructure. In anotherexample, the ISP the ISP may recognize that the domain information isassociated with the VSP control infrastructure and may block access toAPIs associated with the VSP control infrastructure by identifying aport number and/or a transport protocol associated with data beingtransmitted to IP addresses associated with the VSP controlinfrastructure and blocking such data from being transmitted. As aresult, the user device may be unable to request and obtain the VPNservices.

To reach the API associated with the VSP control infrastructure, theclient application may retransmit the connection request several times.Such retransmission of the connection request may inefficiently consumeuser device resources (e.g., processing resources, memory resources,power consumption resources, battery life, or the like) that canotherwise be used to perform other suitable tasks associated withobtaining the VPN services. Additionally, a delay may be introduced inobtaining the VPN services by the user device.

Various aspects of systems and techniques discussed in the presentdisclosure enable providing substitute domain information in a VPN. Insome aspects, a client application installed on a user device maytransmit a connection request to an API associated with a VSP controlinfrastructure for obtaining VPN services, and an ISP providing networkservices to the user device may have blocked access to APIs associatedwith the VSP control infrastructure. In such cases, the systems andtechniques discussed herein enable the client application to newlydetermine, in real time, the substitute domain information to reach theVSP control infrastructure. In some aspects, the client application mayindependently determine the substitute domain information based at leastin part on being unable to communicate with the VSP controlinfrastructure due to access to the VSP control infrastructure beingblocked. Because this substitute domain information is newly determinedfor use, a DNS server associated with the ISP may not recognize that thesubstitute domain information is associated with the VSP controlinfrastructure. As such, the ISP may not block access to the VSP controlinfrastructure via use of the substitute domain information. Further, insome aspects, the VSP control infrastructure may predetermine andcorrelate the substitute domain information (to be determined by theuser device in the future) with an IP address of an API associated withthe VSP control infrastructure. As a result, data (e.g., connectionrequest) transmitted using the substitute domain information may berouted to the API associated with the VSP control infrastructure. Inthis way, the user device may be enabled to obtain the VPN services fromthe VSP control infrastructure. By utilizing the above systems andtechniques, efficient consumption of user device resources (e.g.,processing resources, memory resources, power consumption resources,battery life, or the like) may be enabled. Additionally, a delay inobtaining the VPN services may be avoided.

In some aspects, a processor (e.g., processing unit 110) associated withthe user device may receive domain information associated with a VPNservice provider; determine substitute domain information based at leastin part on determining that access to the VPN service provider viautilization of the domain information is blocked; and transmit aconnection request to the VPN service provider by utilizing thesubstitute domain information.

FIG. 2 is an illustration of an example flow 200 associated withproviding substitute domain information in a VPN, according to variousaspects of the present disclosure. The example flow 200 may include auser device 102 in communication with a VSP control infrastructure 104for purposes of obtaining VPN services. In some aspects, the user device102 may utilize an installed client application 114, provided by the VSPcontrol infrastructure 104, to communicate with an API 106 associatedwith the VSP control infrastructure 104. The client application 114 andthe API 106 may communicate over a network (e.g., network 122). In someaspects, as discussed elsewhere herein, the VSP control infrastructuremay enable the user device 102 to obtain the VPN services.

As shown by reference numeral 210, the client application 114 mayreceive domain information associated with the VSP controlinfrastructure 104. In an example, the domain information may includeinformation such as a domain name, a network address, and/or a uniformresource locator (URL) link correlated to an IP address associated withthe VSP control infrastructure 104. In some aspects, the VSP controlinfrastructure 104 may provide the client application 114 to beinstalled on the user device 102. The client application 104 may enablethe user device 102 to receive the domain information to be processed bythe client application 104 and/or by the VSP control infrastructure 104.The client application 104 may include a graphical interface to receivethe domain information via a local input interface (e.g., touch screen,keyboard, mouse, pointer, etc.) associated with the user device 102. Thedomain information may be received via text input or via a selectionfrom among a plurality of options (e.g., pull down menu, etc.). In someaspects, the client application 114 may activate and/or enable, at atime associated with transmitting the connection request, the graphicalinterface for receiving the domain information. For instance, the clientapplication 114 may cause a screen (e.g., local screen) associated withthe user device 102 to display, for example, a pop-up message to requestentry of the domain information. Further, the client application 104 mayenable transmission of at least a portion of the domain information tothe VSP control infrastructure 104. In some aspects, the clientapplication 114 may utilize the domain information to transmit aconnection request to the VSP control infrastructure 104 for purposes ofobtaining the VPN services.

Based at least in part on transmitting the connection request, as shownby reference numeral 220, the client application 114 may determine thatthe API 106 associated with the VSP control infrastructure 104 isunreachable. In an example, as discussed elsewhere herein, the clientapplication 114 may determine that the IP address associated with theAPI 106 is unreachable because IP addresses and/or ports utilized forcommunicating (e.g., transmitting and/or receiving) with the VSP controlinfrastructure 104 are blocked. In some aspects, based at least in parton transmitting the connection request, the client application 114 mayreceive a null response, a response indicating that the transmittedconnection request was received by an entity other than the API 106associated with the VSP control infrastructure 104, or the like. As aresult, the client application 114 may determine that the transmittedconnection request failed to reach the API 106.

Based at least in part on determining that the transmitted connectionrequest failed to reach the API 106, as shown by reference numeral 230,the client application 114 may determine, in real-time, substitutedomain information for VSP control infrastructure 104. In some aspects,the client application 114 may independently determine the substitutedomain information without communicating with the VSP controlinfrastructure 104.

To determine the substitute domain information, the client application114 may determine a time marker. In some aspects, the client application114 may determine one or more time markers such as, for example, acurrent year, a current month, a current day of the month, a current dayof the year, a current week of the month, current week of the year, acurrent hour of the day, a current minute of the hour, and/or the like.Further, the client application 114 may attach a prefix to a timemarker. In some aspects, the prefix may include one or more alphanumericcharacters that enable to identify the time marker. For instance, theclient application 114 may attach the prefix y to the current year, theprefix m to the current month, the prefix dm to the current day of themonth, the prefix dy to the current day of the year, the prefix wm tothe current week of the month, the prefix wy to the current week of theyear, the prefix h to the current hour of the day, the prefix min to thecurrent minute of the hour, and/or the like. In some aspects, the clientapplication 114 may determine the one or more time markers based atleast in part on using Unix time (Epoch time, Posix time) or by anyother system for describing a point in time.

The client application 114 may also determine a string of alphanumericcharacters associated with the VSP control infrastructure 104. In oneexample, the string of alphanumeric characters may identify the VSPcontrol infrastructure 104. In another example, the string ofalphanumeric characters may include a set of alphanumeric characterspredetermined by the client application 114 and the VSP controlinfrastructure 104 to be used for determining the substitute domaininformation. In some aspects, the VSP control infrastructure 104 maystore the predetermined set of alphanumeric characters in the clientapplication 104. In some aspects, the predetermined set of alphanumericcharacters may be unique to the client application 104. The VSP controlinfrastructure 104 may predetermine the string of alphanumericcharacters and may provide the predetermined string of alphanumericcharacters to the user device 102 along with the client application.

The client application 114 may determine the substitute domaininformation by utilizing a cryptographic hash function such as, forexample, the SHA-2 hash function. In some aspects, the clientapplication 114 may utilize the cryptographic hash function to hash acombination of one or more time markers and the string of alphanumericcharacters associated with the VSP control infrastructure 104. In someaspects, the client application 114 may modify the one or more timemarkers by attaching one or more alphanumeric characters and/or specialcharacters as a prefix and/or a suffix to the one or more time markers.In an example, the client application 114 may determine the substitutedomain information by hashing a combination of the current year and thestring of alphanumeric characters (e.g., hash(modified timemarker(s)+string of alphanumeric characters)). For instance, when thecurrent year is 2021 and the string of alphanumeric characters isVSPCI104, the client application 114 may determine the substitute domaininformation as hash(y2021+VSPCI104). In another example, the clientapplication 114 may determine the substitute domain information byhashing a combination of the current year, the current day of the year,and the string of alphanumeric characters. For instance, when thecurrent year is 2021, the current day of the year is the 300^(th) day ofthe year, and the string of alphanumeric characters is VSPCI104, theclient application 114 may determine the substitute domain informationas hash(y2021+d300y+VSPCI104). In yet another example, the clientapplication 114 may determine the substitute domain information byhashing a combination of the current year, the current day of the year,the current hour of the day, and the string of alphanumeric characters.For instance, when the current year is 2021, the current day of the yearis the 250^(th) day of the year, the current hour of the day is the13^(th) hour of the day, and the string of alphanumeric characters isVSPCI104, the client application 114 may determine the substitute domaininformation as hash(y/2021+dy/250+h/13+VSPCI104).

In some aspects, determining the substitute domain information mayinclude adding one or more appropriate levels of domain names to thehashed combination of one or more modified time markers and the stringof alphanumeric characters. In an example, the client application 114may add an appropriate higher level domain name such as, for example,.com, .de, .co.uk, etc. to the hashed combination of one or moreprefixed time markers and the string of alphanumeric characters. In suchcases, the client application 114 may determine the substitute domaininformation as, for example, hash(y2021+VSPCI104).com,hash(y2021+dy300+VSPCI104).de, hash(y2021+dy250+h13+VSPCI104).co.uk,etc. In another example, the client application 114 may add anappropriate lower level domain name (e.g., sub domain) such as, forexample, www, api, aaa, aa1, ab1, etc. to the hashed combination of oneor more prefixed time markers and the string of alphanumeric characters.In such cases, the client application 114 may determine the substitutedomain information as, for example, www.hash(y2021+VSPCI104).com,aa1.hash(y2021+dy300+VSPCI104).de,api.hash(y2021+dy250+h13+VSPCI104).co.uk, etc. In some aspects, thelower level domain name may include any number of alphanumericcharacters.

Based at least in part on determining the substitute domain informationfor the VSP control infrastructure 104, as shown by reference numeral240, the client application 114 may utilize the substitute domaininformation to reach the API 106 associated with the VSP controlinfrastructure 104. In some aspects, the client application 114 maydetermine whether the VSP control infrastructure 104 is reachable viause of the determined substitute domain information. In some aspects,the client application 114 may utilize the substitute domain informationto transmit a connection request to the VSP control infrastructure 104for purposes of obtaining the VPN services. In an example, the clientapplication 114 may utilize the substitute domain information by hashinga combination of the current year and the string of alphanumericcharacters (e.g., hash(y2021+VSPCI104).com) to transmit the connectionrequest. When an appropriate response to the connection request isreceived from the VSP control infrastructure 104, the client application114 may determine that the VSP control infrastructure 104 is reachablevia use of the substitute domain information.

Alternatively, when a null response is received or a response indicatingthat the transmitted connection request was received by an entity otherthan the VSP control infrastructure 104 is received, the clientapplication 114 may determine that the transmitted connection requestfailed to reach the VSP control infrastructure 104 (e.g., the API 106associated with the VSP control infrastructure 104). In this case, theclient application 114 may determine, in real-time, different substitutedomain information (e.g., utilizing a different combination of the oneor more time markers and the string of alphanumeric characters) to reachthe VSP control infrastructure 104. In an example, the clientapplication 114 may utilize the substitute domain information determinedby hashing a combination of the current year, the current day of theyear, and the string of alphanumeric characters (e.g.,hash(y2021+dy300+VSPCI104).com) to reach the VSP control infrastructure104. When an appropriate response to the connection request is receivedfrom the VSP control infrastructure 104, the client application 114 maydetermine that the VSP control infrastructure 104 is reachable via useof the substitute domain information.

Alternatively, when a null response is received or a response indicatingthat the transmitted connection request was received by an entity otherthan the VSP control infrastructure 104 is received, the clientapplication 114 may determine that the transmitted connection requestfailed to reach the VSP control infrastructure 104. In this case, theclient application 114 may determine, in real-time, different substitutedomain information (e.g., utilizing a different combination of the oneor more time markers and the string of alphanumeric characters) to reachthe VSP control infrastructure 104. In this way, the client application114 may continue to determine substitute domain information utilizingdifferent combinations of the one or more time markers and the string ofalphanumeric characters until an appropriate response to the connectionrequest is received from the VSP control infrastructure 104 indicatingthat the VSP control infrastructure 104 is reachable via use of thesubstitute domain information.

Based at least in part on the systems and techniques discussed herein toutilize substitute domain information to reach the VSP controlinfrastructure, a user device may be enabled to obtain the VPN servicesfrom the VSP control infrastructure. Further, efficient consumption ofuser device resources (e.g., processing resources, memory resources,power consumption resources, battery life, or the like) may be enabled.Additionally, a delay in obtaining the VPN services may be avoided.

As indicated above, FIG. 2 is provided as an example. Other examples maydiffer from what is described with regard to FIG. 2 .

FIG. 3 is an illustration of an example process 300 associated withproviding substitute domain information in a VPN, according to variousaspects of the present disclosure. In some aspects, the process 300 maybe performed by a memory and/or a processor/controller (e.g., processingunit 116, processor 620) associated with a user device (e.g., userdevice 102) executing a client application. As shown by referencenumeral 310, process 300 may include receiving, at a processorassociated with a device, domain information associated with a VPNservice provider. For instance, the user device may utilize acommunication interface (e.g., communication interface 670) and theassociated memory and/or processor to receive domain informationassociated with a VPN service provider, as discussed elsewhere herein.

As shown by reference numeral 320, process 300 may include determining,by the processor, substitute domain information based at least in parton determining that the VPN service provider is unreachable viautilization of the domain information, the determining the substitutedomain information being based at least in part on utilizing a timemarker and a string of alphanumeric characters associated with the VPNservice provider. For instance, the user device may utilize theassociated memory and/or processor to determine substitute domaininformation based at least in part on determining that the VPN serviceprovider is unreachable via utilization of the domain information, thedetermining the substitute domain information being based at least inpart on utilizing a time marker and a string of alphanumeric charactersassociated with the VPN service provider, as discussed elsewhere herein.

As shown by reference numeral 330, process 300 may include transmitting,by the processor, a connection request to reach the VPN service providerby utilizing the substitute domain information. For instance, the userdevice may utilize a communication interface (e.g., communicationinterface 670) and the associated memory and/or processor to transmit aconnection request to reach the VPN service provider by utilizing thesubstitute domain information, as discussed elsewhere herein.

Process 300 may include additional aspects, such as any single aspect orany combination of aspects described below and/or in connection with oneor more other processes described elsewhere herein.

In a first aspect, in process 300, determining the substitute domaininformation includes utilizing a hashing function.

In a second aspect, alone or in combination with the first aspect, inprocess 300, determining the substitute domain information includesutilizing a hashing function to hash data associated with the timemarker and the predetermined string of alphanumeric characters.

In a third aspect, alone or in combination with the first through secondaspects, in process 300, determining the substitute domain informationincludes determining the substitute domain information in real time.

In a fourth aspect, alone or in combination with the first through thirdaspects, in process 300, the string of alphanumeric characters ispredetermined.

In a fifth aspect, alone or in combination with the first through fourthaspects, in process 300, receiving the domain information includesreceiving the domain information via a client application associatedwith the VPN service provider.

In a sixth aspect, alone or in combination with the first through fifthaspects, in process 300, the string of alphanumeric characters enablesto identify the VPN service provider.

Although FIG. 3 shows example blocks of the process, in some aspects,the process may include additional blocks, fewer blocks, differentblocks, or differently arranged blocks than those depicted in FIG. 3 .Additionally, or alternatively, two or more of the blocks of the processmay be performed in parallel.

As indicated above, FIG. 3 is provided as an example. Other examples maydiffer from what is described with regard to FIG. 3 .

FIG. 4 is an illustration of an example process 400 associated withproviding substitute domain information in a VPN, according to variousaspects of the present disclosure. In some aspects, the process 400 maybe performed by a memory and/or a processor/controller (e.g., processingunit 116, processor 620) associated with a user device (e.g., userdevice 102) executing a client application. As shown by referencenumeral 410, process 400 may include determining, by a processor, that aVPN service provider is unreachable via utilization of received domaininformation. For instance, the user device may utilize the associatedmemory and/or processor to determine that a VPN service provider isunreachable via utilization of received domain information, as discussedelsewhere herein.

As shown by reference numeral 420, process 400 may include determining,by the processor, first substitute domain information based at least inpart on determining that the VPN service provider is unreachable viautilization of the received domain information. For instance, the userdevice may utilize the associated memory and/or processor to determinefirst substitute domain information based at least in part ondetermining that the VPN service provider is unreachable via utilizationof the received domain information, as discussed elsewhere herein.

As shown by reference numeral 430, process 400 may include determining,by the processor, second substitute domain information based at least inpart on determining that the VPN service provider is unreachable viautilization of the first substitute domain information, the secondsubstitute domain information being different than the first substitutedomain information. For instance, the user device may utilize theassociated memory and/or processor to determine second substitute domaininformation based at least in part on determining that the VPN serviceprovider is unreachable via utilization of the first substitute domaininformation, the second substitute domain information being differentthan the first substitute domain information, as discussed elsewhereherein.

Process 400 may include additional aspects, such as any single aspect orany combination of aspects described below and/or in connection with oneor more other processes described elsewhere herein.

In a first aspect, in process 400, determining the first substitutedomain information includes utilizing a first hash function, anddetermining the second substitute domain information includes utilizinga second hash function.

In a second aspect, alone or in combination with the first aspect, inprocess 400, determining the first substitute domain informationincludes utilizing a first combination of one or more time markers andan alphanumeric string, and determining the second substitute domaininformation includes utilizing a second combination of the one or moretime markers and the alphanumeric string.

In a third aspect, alone or in combination with the first through secondaspects, in process 400, determining the first substitute domaininformation includes utilizing a first time marker and an alphanumericstring, the first time marker including a first prefix, and determiningthe second substitute domain information includes utilizing a secondtime marker and the alphanumeric string, the second time markerincluding a second prefix.

In a fourth aspect, alone or in combination with the first through thirdaspects, in process 400, determining the first substitute domaininformation includes adding a first domain name associated with the VPNservice provider, and determining the second substitute domaininformation includes adding a second domain name associated with the VPNservice provider.

In a fifth aspect, alone or in combination with the first through fourthaspects, in process 400, determining the first substitute domaininformation includes determining the first substitute domain informationin real time, and determining the second substitute domain informationincludes determining the second substitute domain information in realtime.

In a sixth aspect, alone or in combination with the first through fifthaspects, in process 400, determining that the VPN service provider isunreachable includes determining that access to an internet protocol(IP) address associated with the VPN service provider is disabled.

Although FIG. 4 shows example blocks of the process, in some aspects,the process may include additional blocks, fewer blocks, differentblocks, or differently arranged blocks than those depicted in FIG. 4 .Additionally, or alternatively, two or more of the blocks of the processmay be performed in parallel.

As indicated above, FIG. 4 is provided as an example. Other examples maydiffer from what is described with regard to FIG. 4 .

FIG. 5 is an illustration of an example process 500 associated withproviding substitute domain information in a VPN, according to variousaspects of the present disclosure. In some aspects, the process 500 maybe performed by a memory and/or a processor/controller (e.g., processingunit 116, processor 620) associated with a user device (e.g., userdevice 102) executing a client application. As shown by referencenumeral 510, process 500 may include determining, by the processor,first substitute domain information by utilizing a hashing function tohash a first time marker and a string of alphanumeric characters. Forinstance, the user device may utilize the associated memory and/or aprocessor to determine first substitute domain information by utilizinga hashing function to hash a first time marker and a string ofalphanumeric characters, as discussed elsewhere herein.

As shown by reference numeral 520, process 500 may include determining,by the processor, second substitute domain information by utilizing thehashing function to hash a second time marker and the string ofalphanumeric characters, the second time marker being different than thefirst time marker. For instance, the user device may utilize theassociated memory and/or processor to determine second substitute domaininformation by utilizing the hashing function to hash a second timemarker and the string of alphanumeric characters, the second time markerbeing different than the first time marker, as discussed elsewhereherein.

As shown by reference numeral 530, process 500 may include transmitting,by the processor, a connection request utilizing the second substitutedomain information to reach a VPN service provider based at least inpart on determining that the VPN service provider is unreachable viautilization of the first substitute domain information. For instance,the user device may utilize a communication interface (e.g.,communication interface 670) and the associated memory and/or processorto transmit a connection request utilizing the second substitute domaininformation to reach a VPN service provider based at least in part ondetermining that the VPN service provider is unreachable via utilizationof the first substitute domain information, as discussed elsewhereherein.

Process 500 may include additional aspects, such as any single aspect orany combination of aspects described below and/or in connection with oneor more other processes described elsewhere herein.

In a first aspect, in process 500, the first time marker includes afirst prefix, and the second time marker includes a second prefix.

In a second aspect, alone or in combination with the first aspect, inprocess 500, the first time marker includes a first combination of oneor more time markers, and the second time marker includes a secondcombination of the one or more time markers.

In a third aspect, alone or in combination with the first through secondaspects, in process 500, the first time marker includes a first timemarker associated with a first duration of time, and the second timemarker includes a combination of the first time marker associated withthe first duration of time and a second time marker associated with asecond duration of time.

In a fourth aspect, alone or in combination with the first through thirdaspects, in process 500, determining the first substitute domaininformation includes determining the first substitute domain informationin real time, and determining the second substitute domain informationincludes determining the second substitute domain information in realtime.

In a fifth aspect, alone or in combination with the first through fourthaspects, in process 500, the string of alphanumeric characters ispredetermined and identifies the VPN service provider.

In a sixth aspect, alone or in combination with the first through fifthaspects, in process 500, determining the first substitute domaininformation includes adding a first domain name associated with the VPNservice provider, and determining the second substitute domaininformation includes adding a second domain name associated with the VPNservice provider.

Although FIG. 5 shows example blocks of the process, in some aspects,the process may include additional blocks, fewer blocks, differentblocks, or differently arranged blocks than those depicted in FIG. 5 .Additionally, or alternatively, two or more of the blocks of the processmay be performed in parallel.

As indicated above, FIG. 5 is provided as an example. Other examples maydiffer from what is described with regard to FIG. 5 .

FIG. 6 is an illustration of example devices 600 associated withproviding substitute domain information in a VPN, according to variousaspects of the present disclosure. In some aspects, the example devices600 may form part of or implement the systems, servers, environments,infrastructures, components, devices, or the like described elsewhereherein (e.g., VSP control infrastructure, VPN server, etc.) and may beused to perform example processes described elsewhere herein. Theexample devices 600 may include a universal bus 610 communicativelycoupling a processor 620, a memory 630, a storage component 640, aninput component 650, an output component 660, and a communicationinterface 670.

Bus 610 may include a component that permits communication amongmultiple components of a device 600. Processor 620 may be implemented inhardware, firmware, and/or a combination of hardware and software.Processor 620 may take the form of a central processing unit (CPU), agraphics processing unit (GPU), an accelerated processing unit (APU), amicroprocessor, a microcontroller, a digital signal processor (DSP), afield-programmable gate array (FPGA), an application-specific integratedcircuit (ASIC), or another type of processing component. In someaspects, processor 620 may include one or more processors capable ofbeing programmed to perform a function. Memory 630 may include a randomaccess memory (RAM), a read only memory (ROM), and/or another type ofdynamic or static storage device (e.g., a flash memory, a magneticmemory, and/or an optical memory) that stores information and/orinstructions for use by processor 620.

Storage component 640 may store information and/or software related tothe operation and use of a device 600. For example, storage component640 may include a hard disk (e.g., a magnetic disk, an optical disk,and/or a magneto-optic disk), a solid state drive (SSD), a compact disc(CD), a digital versatile disc (DVD), a floppy disk, a cartridge, amagnetic tape, and/or another type of non-transitory computer-readablemedium, along with a corresponding drive.

Input component 650 may include a component that permits a device 600 toreceive information, such as via user input (e.g., a touch screendisplay, a keyboard, a keypad, a mouse, a button, a switch, and/or amicrophone). Additionally, or alternatively, input component 650 mayinclude a component for determining location (e.g., a global positioningsystem (GPS) component) and/or a sensor (e.g., an accelerometer, agyroscope, an actuator, another type of positional or environmentalsensor, and/or the like). Output component 660 may include a componentthat provides output information from device 600 (via, for example, adisplay, a speaker, a haptic feedback component, an audio or visualindicator, and/or the like).

Communication interface 670 may include a transceiver-like component(e.g., a transceiver, a separate receiver, a separate transmitter,and/or the like) that enables a device 600 to communicate with otherdevices, such as via a wired connection, a wireless connection, or acombination of wired and wireless connections. Communication interface670 may permit device 600 to receive information from another deviceand/or provide information to another device. For example, communicationinterface 670 may include an Ethernet interface, an optical interface, acoaxial interface, an infrared interface, a radio frequency (RF)interface, a universal serial bus (USB) interface, a Wi-Fi interface, acellular network interface, and/or the like.

A device 600 may perform one or more processes described elsewhereherein. A device 600 may perform these processes based on processor 620executing software instructions stored by a non-transitorycomputer-readable medium, such as memory 630 and/or storage component640. As used herein, the term “computer-readable medium” may refer to anon-transitory memory device. A memory device may include memory spacewithin a single physical storage device or memory space spread acrossmultiple physical storage devices.

Software instructions may be read into memory 630 and/or storagecomponent 640 from another computer-readable medium or from anotherdevice via communication interface 670. When executed, softwareinstructions stored in memory 630 and/or storage component 640 may causeprocessor 620 to perform one or more processes described elsewhereherein. Additionally, or alternatively, hardware circuitry may be usedin place of or in combination with software instructions to perform oneor more processes described elsewhere herein. Thus, implementationsdescribed herein are not limited to any specific combination of hardwarecircuitry and software.

The quantity and arrangement of components shown in FIG. 6 are providedas an example. In practice, a device 600 may include additionalcomponents, fewer components, different components, or differentlyarranged components than those shown in FIG. 6 . Additionally, oralternatively, a set of components (e.g., one or more components) of adevice 600 may perform one or more functions described as beingperformed by another set of components of a device 600.

As indicated above, FIG. 6 is provided as an example. Other examples maydiffer from what is described with regard to FIG. 6 .

Persons of ordinary skill in the art will appreciate that the aspectsencompassed by the present disclosure are not limited to the particularexemplary aspects described herein. In that regard, althoughillustrative aspects have been shown and described, a wide range ofmodification, change, and substitution is contemplated in the foregoingdisclosure. It is understood that such variations may be made to theaspects without departing from the scope of the present disclosure.Accordingly, it is appropriate that the appended claims be construedbroadly and in a manner consistent with the present disclosure.

The foregoing disclosure provides illustration and description, but isnot intended to be exhaustive or to limit the aspects to the preciseform disclosed. Modifications and variations may be made in light of theabove disclosure or may be acquired from practice of the aspects.

As used herein, the term “component” or “device” is intended to bebroadly construed as hardware, firmware, or a combination of hardwareand software. As used herein, a processor is implemented in hardware,firmware, or a combination of hardware and software.

As used herein, satisfying a threshold may, depending on the context,refer to a value being greater than the threshold, greater than or equalto the threshold, less than the threshold, less than or equal to thethreshold, equal to the threshold, or not equal to the threshold, amongother examples, or combinations thereof.

It will be apparent that systems or methods described herein may beimplemented in different forms of hardware, firmware, or a combinationof hardware and software. The actual specialized control hardware orsoftware code used to implement these systems or methods is not limitingof the aspects. Thus, the operation and behavior of the systems ormethods were described herein without reference to specific softwarecode—it being understood that software and hardware can be designed toimplement the systems or methods based, at least in part, on thedescription herein.

Even though particular combinations of features are recited in theclaims or disclosed in the specification, these combinations are notintended to limit the disclosure of various aspects. In fact, many ofthese features may be combined in ways not specifically recited in theclaims or disclosed in the specification. Although each dependent claimlisted below may directly depend on only one claim, the disclosure ofvarious aspects includes each dependent claim in combination with everyother claim in the claim set. A phrase referring to “at least one of” alist of items refers to any combination of those items, including singlemembers. As an example, “at least one of: a, b, or c” is intended tocover a, b, c, a-b, a-c, b-c, and a-b-c, as well as any combination withmultiples of the same element (for example, a-a, a-a-a, a-a-b, a-a-c,a-b-b, a-c-c, b-b, b-b-b, b-b-c, c-c, and c-c-c or any other ordering ofa, b, and c).

No element, act, or instruction used herein should be construed ascritical or essential unless explicitly described as such. Also, as usedherein, the articles “a” and “an” are intended to include one or moreitems, and may be used interchangeably with “one or more.” Further, asused herein, the article “the” is intended to include one or more itemsreferenced in connection with the article “the” and may be usedinterchangeably with “the one or more.” Furthermore, as used herein, theterm “set” is intended to include one or more items (e.g., relateditems, unrelated items, a combination of related and unrelated items,etc.), and may be used interchangeably with “one or more.” Where onlyone item is intended, the phrase “only one” or similar language is used.Also, as used herein, the terms “has,” “have,” “having,” or the like areintended to be open-ended terms. Further, the phrase “based on” isintended to mean “based, at least in part, on” unless explicitly statedotherwise. Also, as used herein, the term “or” is intended to beinclusive when used in a series and may be used interchangeably with“and/or,” unless explicitly stated otherwise (e.g., if used incombination with “either” or “only one of”).

What is claimed is:
 1. A method in a virtual private network (VPN)service environment, the method comprising: receiving, at a user device,domain information associated with a VPN service provider; transmitting,by the user device, a first connection request to the VPN serviceprovider based at least in part on utilizing the domain information;determining, by the user device, that the VPN service provider cannot bereached via utilization of the domain information; determining, by theuser device based at least in part on determining that the VPN serviceprovider cannot be reached, substitute domain information to be utilizedfor transmitting a second connection request; and transmitting, by theuser device, the second connection request to the VPN service providerbased at least in part on utilizing the substitute domain information.2. The method of claim 1, wherein determining the substitute domaininformation includes utilizing a hash function.
 3. The method of claim1, wherein determining the substitute domain information includesutilizing a combination of one or more time markers and an alphanumericstring.
 4. The method of claim 1, wherein determining the substitutedomain information includes utilizing a time marker and an alphanumericstring, the time marker including a first prefix.
 5. The method of claim1, wherein determining the substitute domain information includes addinga domain name associated with the VPN service provider.
 6. The method ofclaim 1, wherein determining the substitute domain information includesdetermining the substitute domain information in real time.
 7. Themethod of claim 1, wherein determining that the VPN service providercannot be reached includes determining that the connection request isnot to be transmitted utilizing the domain information.
 8. A userdevice, comprising: a memory; and a processor communicatively coupled tothe memory, the memory and the processor being configured to: receivedomain information associated with a VPN service provider; transmit afirst connection request to the VPN service provider based at least inpart on utilizing the domain information; determine that the VPN serviceprovider cannot be reached via utilization of the domain information;determine, based at least in part on determining that the VPN serviceprovider cannot be reached, substitute domain information to be utilizedfor transmitting a second connection request; and transmit the secondconnection request to the VPN service provider based at least in part onutilizing the substitute domain information.
 9. The user device of claim8, wherein, to determine the substitute domain information, the memoryand the processor are configured to utilize a hash function.
 10. Theuser device of claim 8, wherein, to determine the substitute domaininformation, the memory and the processor are configured to utilize acombination of one or more time markers and an alphanumeric string. 11.The user device of claim 8, wherein, to determine the substitute domaininformation, the memory and the processor are configured to utilize atime marker and an alphanumeric string, the time marker including afirst prefix.
 12. The user device of claim 8, wherein, to determine thesubstitute domain information, the memory and the processor areconfigured to add a domain name associated with the VPN serviceprovider.
 13. The user device of claim 8, wherein, to determine thesubstitute domain information, the memory and the processor areconfigured to determine the substitute domain information in real time.14. The user device of claim 8, wherein, to determine that the VPNservice provider cannot be reached, the memory and the processor areconfigured to determine that the connection request is not to betransmitted utilizing the domain information.
 15. A non-transitorycomputer-readable medium configured to store instructions, which whenexecuted by a processor associated with a user device operating in avirtual private network (VPN) environment, configure the processor to:receive domain information associated with a VPN service provider;transmit a first connection request to the VPN service provider based atleast in part on utilizing the domain information; determine that theVPN service provider cannot be reached via utilization of the domaininformation; determine, based at least in part on determining that theVPN service provider cannot be reached, substitute domain information tobe utilized for transmitting a second connection request; and transmitthe second connection request to the VPN service provider based at leastin part on utilizing the substitute domain information.
 16. Thenon-transitory computer-readable medium of claim 15, wherein, todetermine the substitute domain information, the processor is configuredto utilize a hash function.
 17. The non-transitory computer-readablemedium of claim 15, wherein, to determine the substitute domaininformation, the processor is configured to utilize a combination of oneor more time markers and an alphanumeric string.
 18. The non-transitorycomputer-readable medium of claim 15, wherein, to determine thesubstitute domain information, the processor is configured to utilize atime marker and an alphanumeric string, the time marker including afirst prefix.
 19. The non-transitory computer-readable medium of claim15, wherein, to determine the substitute domain information, theprocessor is configured to add a domain name associated with the VPNservice provider.
 20. The non-transitory computer-readable medium ofclaim 15, wherein, to determine the substitute domain information, theprocessor is configured to determine the substitute domain informationin real time.